foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ssh_known_hosts: Use ssh certificate authority

Browse source
This commit is contained in:
Timo Makinen 2024-03-23 19:51:32 +00:00
parent 7ce6d58923
commit b1c3597fa9
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
roles/ssh_known_hosts/templates/ssh_known_hosts.j2
View file

@ -1,5 +1,5 @@
{% for host, vars in hostvars|dictsort %}
{% if vars["ansible_ssh_host_key_ed25519_public"] is defined %}
{{ host }} ssh-ed25519 {{ vars["ansible_ssh_host_key_ed25519_public"] }}
{% endif %}
{% set keys = lookup('fileglob', '/srv/sshca/ca/*.pub', wantlist=True) %}
{% for key in keys %}
{% set data = lookup('ansible.builtin.file', key) | split() %}
@cert-authority *.foo.sh {{ data[0:2] | join(' ') }}
{% endfor %}